3 Answers
3

My suggestion would be to stop responding (for X time) to any source IP address that make more then X request in a X period of time. What you will need to set X to will depend on the DDOS attack. You want to block the attackers, but not normal traffic.